package com.ssm.controller;

import com.github.pagehelper.PageInfo;
import com.ssm.domain.Role;
import com.ssm.domain.UserInfo;
import com.ssm.service.IUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

import java.util.List;

/**
 * 用户控制类
 */
@Controller
@RequestMapping("/user")
public class UserController {

    @Autowired
    private IUserService userService;

    @RequestMapping("/show.do")
    public ModelAndView findByName() {
        ModelAndView mv = new ModelAndView();
        SecurityContext context = SecurityContextHolder.getContext(); ///从上下文中获取当前的用户
        User user = (User) context.getAuthentication().getPrincipal();
        String username = user.getUsername();
        UserInfo user1 = userService.findByName(username);
        mv.addObject("user",user1);
        mv.setViewName("user-update");
        return mv;
    }

    @RequestMapping("/update.do")
    public String update(UserInfo userInfo) throws Exception {
        userService.update(userInfo);
        return "redirect:/login.jsp";
    }

    @RequestMapping("/register.do")
    public String register(UserInfo userInfo) throws Exception {
        userService.save(userInfo);
        return "redirect:login.do";
    }

    //给用户添加角色
    @RequestMapping("/addRoleToUser.do")
    public String addRoleToUser(@RequestParam(name = "userId", required = true) String userId,
                                @RequestParam(name = "ids", required = true) String[] roleIds) throws Exception {
        userService.addRoleToUser(userId, roleIds);
        return "redirect:findAll.do";
    }

    //查询用户以及用户可以添加的角色
    @RequestMapping("/findUserByIdAndAllRole.do")
    public ModelAndView findUserByIdAndAllRole(@RequestParam(name="id",required = true) String userId) throws Exception {
        ModelAndView mv = new ModelAndView();
        //根据id查询用户
        UserInfo userInfo = userService.findById(userId);
//        根据用户查询添加的角色
        List<Role> otherRoles = userService.findOtherRoles(userId);
        mv.addObject("user",userInfo);
        mv.addObject("roleList",otherRoles);
        mv.setViewName("user-role-add");
        return mv;
    }

    //查询指定用户id的信息
    @RequestMapping("/findById.do")
    public ModelAndView findById(@RequestParam("id") String id) throws Exception {
        ModelAndView mv = new ModelAndView();
        UserInfo user = userService.findById(id);
        mv.addObject("user",user);
        mv.setViewName("user-show1");
        return mv;
    }

    //用户添加
    @RequestMapping("/save.do")
//    @PreAuthorize("authentication.principal.username == 'tom'")
    public String save(UserInfo userInfo) throws Exception {
        userService.save(userInfo);
        return "redirect:findAll.do";
    }

    @RequestMapping("/findAll.do")
    public ModelAndView findAll(@RequestParam(name="page",required = true, defaultValue = "1") Integer page,
                                @RequestParam(name="size",required = true, defaultValue = "5") Integer size)
            throws Exception {
        ModelAndView mv = new ModelAndView();
        List<UserInfo> userList = userService.findAll(page,size);
        PageInfo pageInfo = new PageInfo(userList);
        mv.addObject("pageInfo",pageInfo);
        mv.setViewName("user-list");
        return mv;
    }

    //删除用户
    @RequestMapping("/deleteUser.do")
    @PreAuthorize("authentication.principal.username == 'admin'")
//    @PreAuthorize("hasRole('ROLE_ADMIN')")
    public String deleteRole(@RequestParam(name="id", required = true)String userId) throws Exception {
        userService.deleteUser(userId);
        return "redirect:findAll.do";
    }
}
